[SECURITY] [DSA 3234-1] openjdk-6 security update

2015-04-2418:39:47

lists.debian.org

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6 Medium

AI Score

Confidence

Low

0.084 Low

EPSS

Percentile

94.4%

JSON

Debian Security Advisory DSA-3234-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
April 24, 2015 http://www.debian.org/security/faq

Package : openjdk-6
CVE ID : CVE-2015-0460 CVE-2015-0469 CVE-2015-0470 CVE-2015-0477
CVE-2015-0478 CVE-2015-0480 CVE-2015-0488

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure
or denial of service.

For the stable distribution (wheezy), these problems have been fixed in
version 6b35-1.13.7-1~deb7u1.

We recommend that you upgrade your openjdk-6 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8s390xopenjdk-7-jre< 7u79-2.5.6-1~deb8u1openjdk-7-jre_7u79-2.5.6-1~deb8u1_s390x.deb
Debian7powerpcopenjdk-6-jre< 6b35-1.13.7-1~deb7u1openjdk-6-jre_6b35-1.13.7-1~deb7u1_powerpc.deb
Debian7i386openjdk-6-jre< 6b35-1.13.7-1~deb7u1openjdk-6-jre_6b35-1.13.7-1~deb7u1_i386.deb
Debian7i386openjdk-7-jdk< 7u79-2.5.6-1~deb7u1openjdk-7-jdk_7u79-2.5.6-1~deb7u1_i386.deb
Debian7armelicedtea-7-jre-jamvm< 7u79-2.5.6-1~deb7u1icedtea-7-jre-jamvm_7u79-2.5.6-1~deb7u1_armel.deb
Debian8i386openjdk-7-demo< 7u79-2.5.6-1~deb8u1openjdk-7-demo_7u79-2.5.6-1~deb8u1_i386.deb
Debian8armhfopenjdk-7-dbg< 7u79-2.5.6-1~deb8u1openjdk-7-dbg_7u79-2.5.6-1~deb8u1_armhf.deb
Debian8armhficedtea-7-jre-jamvm< 7u79-2.5.6-1~deb8u1icedtea-7-jre-jamvm_7u79-2.5.6-1~deb8u1_armhf.deb
Debian8armelopenjdk-7-demo< 7u79-2.5.6-1~deb8u1openjdk-7-demo_7u79-2.5.6-1~deb8u1_armel.deb
Debian8armelopenjdk-7-jdk< 7u79-2.5.6-1~deb8u1openjdk-7-jdk_7u79-2.5.6-1~deb8u1_armel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	s390x	openjdk-7-jre	< 7u79-2.5.6-1~deb8u1	openjdk-7-jre_7u79-2.5.6-1~deb8u1_s390x.deb
Debian	7	powerpc	openjdk-6-jre	< 6b35-1.13.7-1~deb7u1	openjdk-6-jre_6b35-1.13.7-1~deb7u1_powerpc.deb
Debian	7	i386	openjdk-6-jre	< 6b35-1.13.7-1~deb7u1	openjdk-6-jre_6b35-1.13.7-1~deb7u1_i386.deb
Debian	7	i386	openjdk-7-jdk	< 7u79-2.5.6-1~deb7u1	openjdk-7-jdk_7u79-2.5.6-1~deb7u1_i386.deb
Debian	7	armel	icedtea-7-jre-jamvm	< 7u79-2.5.6-1~deb7u1	icedtea-7-jre-jamvm_7u79-2.5.6-1~deb7u1_armel.deb
Debian	8	i386	openjdk-7-demo	< 7u79-2.5.6-1~deb8u1	openjdk-7-demo_7u79-2.5.6-1~deb8u1_i386.deb
Debian	8	armhf	openjdk-7-dbg	< 7u79-2.5.6-1~deb8u1	openjdk-7-dbg_7u79-2.5.6-1~deb8u1_armhf.deb
Debian	8	armhf	icedtea-7-jre-jamvm	< 7u79-2.5.6-1~deb8u1	icedtea-7-jre-jamvm_7u79-2.5.6-1~deb8u1_armhf.deb
Debian	8	armel	openjdk-7-demo	< 7u79-2.5.6-1~deb8u1	openjdk-7-demo_7u79-2.5.6-1~deb8u1_armel.deb
Debian	8	armel	openjdk-7-jdk	< 7u79-2.5.6-1~deb8u1	openjdk-7-jdk_7u79-2.5.6-1~deb8u1_armel.deb